Earn the coveted Fabric Analytics Engineer certification. 100% off your exam for a limited time only!
HI All,
I m very new to this forum, I hoipe this is the correct place to post this question.
I have a follwoing requiremnet form our business and as an O365 admin I have to answer to this, can someone please help me on this.
Business unit asking following
1. O365 Service account without MFA with Power BI Pro licence assigned
2. Register an Azure Native Application with Power BI view permissions API
3. Add the service account as the owner on this Application
My question is when I try to give the API permission I can see following table, in there the view permission is for the whole tenant ( all workspaces). SO does it means if I resgiter the above azure application with the service account , will that service account be able to read all worspace data using the registered application ? If yes how can we restict to not to read all worspace data, just only the specific workspace data as we have very confidential data stored on some other work spaces.
Are ther any other better way to do this.
Hi @Dineth,
I think the better way of solving this would be to have all workspaces owned by account different than your app service account.
So you give access to each workspace from the main account to your service account to specific workspaces with specific access.
How to give specific access to a particular workspace:
Regarding registering Azure app - mark only Read options. Select Native app type. And this account will be an owner of this app because at the top you do log in - https://dev.powerbi.com/apps
Regards,
Ruslan
-------------------------------------------------------------------
Did I answer your question? Mark my post as a solution!
User | Count |
---|---|
15 | |
2 | |
1 | |
1 | |
1 |
User | Count |
---|---|
17 | |
11 | |
5 | |
4 | |
3 |